Discuz! X3.4 permette XSS tramite admin.php perché AdminCP / admincp_setting.php e template \ default \ common \ campo strapazza footer.htm STATCODE dal codice di terze parti statistiche. |
https://github.com/novysodope/Discuz-X3.4/blob/master/XSS https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19464 |
Vulnerabilità: CVE-2018-19464
